hlfl (High Level Firewall Language) permits writing firewall rulesets
using its high level language, and transforms them into rules for
real software, including IPFilter, ipchains, Netfilter and Cisco IOS.

hlfl attempts to make the best use of the features of the underlying
firewall, such that a conversion from stateless to stateful requires
no modification to the original script.

hlfl was initiated by Renaud Deraison, co-founder of the Nessus
Project.
